I want help in setting certificate for configuring tomcat 7 on Ubuntu.
I tried many things but not success only HTTP works.
Could you share server.xml, I am using this:
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
keystoreType="PKCS12"
keystoreFile="/root/example.com.jks"
keystorePass="pass"
clientAuth="false" sslProtocol="TLS" />
What’s the problem instance on AWS and I opened 8443 but not connecting.
Installation process: https://computingforgeeks.com/tomcat-7-with-letsencrypt-ssl-certificate/
schoen
March 1, 2018, 11:20pm
2
Hi @am0awad ,
What’s the real domain name?
When you try to connect, do you see a browser error or does the connection simply time out?
Did you already successfully obtain a certificate and convert it into JKS format?
_az
March 1, 2018, 11:26pm
4
Based on the “connection refused” error, Tomcat is not listening on 8443.
What’s this show:
ss -tlnp
also
keytool -list -keystore /root/example.com.jks -storepass pass
and please show your logs/catalina.out
output for the most recent start as well.
1 Like
ss -tlnp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:* users:(("sshd",pid=14785,fd=3))
LISTEN 0 128 :::22 :::* users:(("sshd",pid=14985,fd=4))
LISTEN 0 1 ::ffff:127.0.0.1:8005 :::* users:(("java",pid=23000,fd=58))
LISTEN 0 100 :::8080 :::*
keytool -list -keystore /root/example.com.jks -storepass pass
keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect
_az
March 1, 2018, 11:33pm
6
Well, it looks like either your keystore password is wrong in the configuration, or you haven’t set the keystore up at all.
I have to hop into a meeting now, but basically:
Acquire a certificate using Certbot or another Let’s Encrypt client. Have you done this or not?
Export the certificate you acquired from /etc/letsencrypt
and import it into a keystore file that Tomcat can read
Point Tomcat at that keystore file with the correct passphrase.
This post can help you with steps 2 and 3 .
system
Closed
April 1, 2018, 10:08pm
8
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.